public
/
keyfork
5
0
Fork 0
Code Issues 22 Pull Requests 1 Packages Projects Releases Wiki Activity

Compare commits

base: public:e3e7f0bf447e80d6566866c70736b1e73b473b81
Branches Tags
public:main
public:ryansquared/quick-and-dirty-prompt
public:ryan/recover-shardholder-hardware
public:keyfork-shard-v0.2.2
public:keyfork-v0.2.3
public:keyfork-derive-openpgp-v0.1.2
public:keyfork-v0.2.2
public:keyforkd-models-v0.2.0
public:keyforkd-client-v0.2.0
public:keyforkd-v0.1.1
public:keyfork-shard-v0.2.0
public:keyfork-qrcode-v0.1.1
public:keyfork-prompt-v0.1.1
public:keyfork-mnemonic-util-v0.3.0
public:keyfork-entropy-v0.1.1
public:keyfork-derive-util-v0.2.0
public:keyfork-derive-path-data-v0.1.1
public:keyfork-derive-openpgp-v0.1.1
public:keyfork-derive-key-v0.1.1
public:keyfork-v0.2.0
public:keyfork-v0.1.0
public:smex-v0.1.0
public:keyfork-bug-v0.1.0
public:keyfork-bin-v0.1.0
public:keyfork-slip10-test-data-v0.1.0
public:keyfork-derive-util-v0.1.0
public:keyfork-frame-v0.1.0
public:keyforkd-models-v0.1.0
public:keyforkd-client-v0.1.0
public:keyfork-derive-openpgp-v0.1.0
public:keyfork-entropy-v0.1.0
public:keyfork-crossterm-v0.27.1
public:keyfork-prompt-v0.1.0
public:keyfork-zbar-sys-v0.1.0
public:keyfork-zbar-v0.1.0
public:keyfork-qrcode-v0.1.0
public:keyfork-shard-v0.1.0
public:keyfork-derive-path-data-v0.1.0
public:keyforkd-v0.1.0
public:keyfork-derive-key-v0.1.0
public:keyfork-mnemonic-util-v0.2.0
public:keyfork-mnemonic-util-v0.1.0
...
compare: public:4a6e3687c2bf38d3b68cdfdd4f3d67652694ad70
Branches Tags
public:main
public:ryansquared/quick-and-dirty-prompt
public:ryan/recover-shardholder-hardware
public:keyfork-shard-v0.2.2
public:keyfork-v0.2.3
public:keyfork-derive-openpgp-v0.1.2
public:keyfork-v0.2.2
public:keyforkd-models-v0.2.0
public:keyforkd-client-v0.2.0
public:keyforkd-v0.1.1
public:keyfork-shard-v0.2.0
public:keyfork-qrcode-v0.1.1
public:keyfork-prompt-v0.1.1
public:keyfork-mnemonic-util-v0.3.0
public:keyfork-entropy-v0.1.1
public:keyfork-derive-util-v0.2.0
public:keyfork-derive-path-data-v0.1.1
public:keyfork-derive-openpgp-v0.1.1
public:keyfork-derive-key-v0.1.1
public:keyfork-v0.2.0
public:keyfork-v0.1.0
public:smex-v0.1.0
public:keyfork-bug-v0.1.0
public:keyfork-bin-v0.1.0
public:keyfork-slip10-test-data-v0.1.0
public:keyfork-derive-util-v0.1.0
public:keyfork-frame-v0.1.0
public:keyforkd-models-v0.1.0
public:keyforkd-client-v0.1.0
public:keyfork-derive-openpgp-v0.1.0
public:keyfork-entropy-v0.1.0
public:keyfork-crossterm-v0.27.1
public:keyfork-prompt-v0.1.0
public:keyfork-zbar-sys-v0.1.0
public:keyfork-zbar-v0.1.0
public:keyfork-qrcode-v0.1.0
public:keyfork-shard-v0.1.0
public:keyfork-derive-path-data-v0.1.0
public:keyforkd-v0.1.0
public:keyfork-derive-key-v0.1.0
public:keyfork-mnemonic-util-v0.2.0
public:keyfork-mnemonic-util-v0.1.0

2 Commits
e3e7f0bf44 ... 4a6e3687c2

Author SHA1 Message Date
Ryan Heywood 4a6e3687c2
keyfork: start tracing for `recover` 2024-01-07 00:36:23 -05:00
Ryan Heywood ac2cb3d8ca
keyfork: add `recover` porcelain to start keyforkd 2024-01-07 00:33:43 -05:00
9 changed files with 161 additions and 38 deletions
Show Stats Expand all files Collapse all files

22
Cargo.lock generated
View File

@ -1065,9 +1065,11 @@ dependencies = [
"keyfork-mnemonic-util", "keyfork-mnemonic-util",
"keyfork-plumbing", "keyfork-plumbing",
"keyfork-shard", "keyfork-shard",
"keyforkd",
"serde", "serde",
"smex", "smex",
"thiserror", "thiserror",
"tokio",
] ]
[[package]] [[package]]
@ -1273,9 +1275,9 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55"
[[package]] [[package]]
name = "libc" name = "libc"
version = "0.2.147" version = "0.2.151"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4"
[[package]] [[package]]
name = "libloading" name = "libloading"
@ -1365,9 +1367,9 @@ dependencies = [
[[package]] [[package]]
name = "mio" name = "mio"
version = "0.8.8" version = "0.8.10"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09"
dependencies = [ dependencies = [
"libc", "libc",
"log", "log",
@ -2190,9 +2192,9 @@ version = "0.1.0"
[[package]] [[package]]
name = "socket2" name = "socket2"
version = "0.5.3" version = "0.5.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877" checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9"
dependencies = [ dependencies = [
"libc", "libc",
"windows-sys 0.48.0", "windows-sys 0.48.0",
@ -2371,9 +2373,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
[[package]] [[package]]
name = "tokio" name = "tokio"
version = "1.32.0" version = "1.35.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9" checksum = "c89b4efa943be685f629b149f53829423f8f5531ea21249408e8e2f8671ec104"
dependencies = [ dependencies = [
"backtrace", "backtrace",
"bytes", "bytes",
@ -2390,9 +2392,9 @@ dependencies = [
[[package]] [[package]]
name = "tokio-macros" name = "tokio-macros"
version = "2.1.0" version = "2.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",

8
keyfork-shard/src/bin/keyfork-shard-combine-openpgp.rs
View File

@ -1,6 +1,6 @@
use std::{ use std::{
env, env,
io::{stdin, stdout}, io::stdin,
path::PathBuf, path::PathBuf,
process::ExitCode, process::ExitCode,
}; };
@ -40,13 +40,17 @@ fn run() -> Result<()> {
.pop_front() .pop_front()
.expect("any pgp encrypted message"); .expect("any pgp encrypted message");
let mut bytes = vec![];
combine( combine(
cert_list, cert_list,
&encrypted_metadata, &encrypted_metadata,
encrypted_messages.into(), encrypted_messages.into(),
stdout(), &mut bytes,
)?; )?;
print!("{}", smex::encode(&bytes));
Ok(()) Ok(())
} }

2
keyfork-shard/src/openpgp.rs
View File

@ -559,7 +559,7 @@ pub fn combine(
} }
output output
.write_all(smex::encode(&secret).as_bytes()) .write_all(&secret)
.map_err(Error::Io)?; .map_err(Error::Io)?;
Ok(()) Ok(())

2
keyfork/Cargo.toml
View File

@ -14,3 +14,5 @@ smex = { version = "0.1.0", path = "../smex" }
keyfork-plumbing = { version = "0.1.0", path = "../keyfork-plumbing" } keyfork-plumbing = { version = "0.1.0", path = "../keyfork-plumbing" }
keyfork-shard = { version = "0.1.0", path = "../keyfork-shard" } keyfork-shard = { version = "0.1.0", path = "../keyfork-shard" }
serde = { version = "1.0.192", features = ["derive"] } serde = { version = "1.0.192", features = ["derive"] }
keyforkd = { version = "0.1.0", path = "../keyforkd", features = ["tracing"] }
tokio = { version = "1.35.1", default-features = false, features = ["rt-multi-thread"] }

9
keyfork/src/cli/mod.rs
View File

@ -3,6 +3,7 @@ use clap::{Parser, Subcommand};
mod mnemonic; mod mnemonic;
mod provision; mod provision;
mod shard; mod shard;
mod recover;
/// The Kitchen Sink of Entropy. /// The Kitchen Sink of Entropy.
#[derive(Parser, Clone, Debug)] #[derive(Parser, Clone, Debug)]
@ -25,8 +26,8 @@ pub enum KeyforkCommands {
#[command(subcommand_negates_reqs(true))] #[command(subcommand_negates_reqs(true))]
Provision(provision::Provision), Provision(provision::Provision),
/// Keyforkd background daemon to manage derivation. /// Recover a seed using a recovery mechanism and begin the Keyfork daemon.
Daemon, Recover(recover::Recover),
} }
impl KeyforkCommands { impl KeyforkCommands {
@ -43,8 +44,8 @@ impl KeyforkCommands {
KeyforkCommands::Provision(p) => { KeyforkCommands::Provision(p) => {
p.handle(keyfork)?; p.handle(keyfork)?;
} }
KeyforkCommands::Daemon => { KeyforkCommands::Recover(r) => {
todo!() r.handle(keyfork)?;
} }
} }
Ok(()) Ok(())

109
keyfork/src/cli/recover.rs Normal file
View File

@ -0,0 +1,109 @@
use super::Keyfork;
use clap::{builder::PossibleValue, Parser, Subcommand, ValueEnum};
use std::path::PathBuf;
use keyfork_mnemonic_util::Mnemonic;
use keyfork_shard::openpgp::{combine, discover_certs, parse_messages};
type Result<T, E = Box<dyn std::error::Error>> = std::result::Result<T, E>;
trait IntoSeed {
fn retrieve_seed(&self) -> Result<Vec<u8>>;
}
#[derive(Clone, Debug)]
pub struct Shard;
impl IntoSeed for Shard {
fn retrieve_seed(&self) -> Result<Vec<u8>> {
todo!()
}
}
#[derive(Clone, Debug)]
pub struct RemoteShard;
impl IntoSeed for RemoteShard {
fn retrieve_seed(&self) -> Result<Vec<u8>> {
todo!()
}
}
#[derive(Clone, Debug)]
pub enum SeedFormat {
Shard(Shard),
RemoteShard(RemoteShard),
}
impl ValueEnum for SeedFormat {
fn value_variants<'a>() -> &'a [Self] {
&[Self::Shard(Shard), Self::RemoteShard(RemoteShard)]
}
fn to_possible_value(&self) -> Option<clap::builder::PossibleValue> {
Some(match self {
SeedFormat::Shard(_) => PossibleValue::new("shard"),
SeedFormat::RemoteShard(_) => PossibleValue::new("remote-shard"),
})
}
}
#[derive(Subcommand, Clone, Debug)]
pub enum RecoverSubcommands {
/// Decrypt a shard file using keys available on the local system.
Shard {
shard_file: PathBuf,
key_discovery: Option<PathBuf>,
},
/// Combine remotely decrypted shards.
RemoteShard {},
}
impl RecoverSubcommands {
fn handle(&self) -> Result<Vec<u8>> {
match self {
RecoverSubcommands::Shard {
shard_file,
key_discovery,
} => {
let content = std::fs::read_to_string(shard_file)?;
if content.contains("BEGIN PGP MESSAGE") {
let certs = key_discovery
.as_ref()
.map(discover_certs)
.transpose()?
.unwrap_or(vec![]);
let mut messages = parse_messages(content.as_bytes())?;
let metadata = messages.pop_front().expect("any pgp encrypted message");
let mut seed = vec![];
combine(certs, &metadata, messages.into(), &mut seed)?;
return Ok(seed);
}
}
RecoverSubcommands::RemoteShard {} => todo!(),
}
todo!()
}
}
#[derive(Parser, Debug, Clone)]
pub struct Recover {
#[command(subcommand)]
command: RecoverSubcommands,
}
impl Recover {
pub fn handle(&self, _k: &Keyfork) -> Result<()> {
let seed = self.command.handle()?;
let mnemonic = Mnemonic::from_entropy(&seed, Default::default())?;
tokio::runtime::Builder::new_multi_thread()
.enable_all()
.build()
.unwrap()
.block_on(async {
keyforkd::setup_registry();
keyforkd::start_and_run_server(mnemonic).await
})
}
}

6
keyfork/src/cli/shard.rs
View File

@ -86,13 +86,17 @@ impl ShardExec for OpenPGP {
.pop_front() .pop_front()
.expect("any pgp encrypted message"); .expect("any pgp encrypted message");
let mut bytes = vec![];
keyfork_shard::openpgp::combine( keyfork_shard::openpgp::combine(
certs, certs,
&encrypted_metadata, &encrypted_metadata,
encrypted_messages.into(), encrypted_messages.into(),
output, &mut bytes,
)?; )?;
write!(output, "{}", smex::encode(&bytes))?;
Ok(()) Ok(())
} }
} }

20
keyforkd/src/lib.rs
View File

@ -9,6 +9,14 @@ pub use tower::ServiceBuilder;
#[cfg(feature = "tracing")] #[cfg(feature = "tracing")]
use tracing::debug; use tracing::debug;
#[cfg(feature = "tracing")]
use tracing_subscriber::{
filter::{EnvFilter, LevelFilter},
fmt::{format::FmtSpan, layer},
prelude::*,
registry,
};
pub mod error; pub mod error;
pub mod middleware; pub mod middleware;
pub mod server; pub mod server;
@ -17,6 +25,18 @@ pub use error::Keyforkd as KeyforkdError;
pub use server::UnixServer; pub use server::UnixServer;
pub use service::Keyforkd; pub use service::Keyforkd;
#[cfg(feature = "tracing")]
pub fn setup_registry() {
let envfilter = EnvFilter::builder()
.with_default_directive(LevelFilter::DEBUG.into())
.from_env_lossy();
registry()
.with(envfilter)
.with(layer().with_span_events(FmtSpan::CLOSE))
.with(tracing_error::ErrorLayer::default())
.init();
}
pub async fn start_and_run_server_on( pub async fn start_and_run_server_on(
mnemonic: Mnemonic, mnemonic: Mnemonic,
socket_path: &Path, socket_path: &Path,

21
keyforkd/src/main.rs
View File

@ -4,13 +4,6 @@ use tokio::io::{self, AsyncBufReadExt, BufReader};
#[cfg(feature = "tracing")] #[cfg(feature = "tracing")]
use tracing::debug; use tracing::debug;
#[cfg(feature = "tracing")]
use tracing_subscriber::{
filter::{EnvFilter, LevelFilter},
fmt::{format::FmtSpan, layer},
prelude::*,
registry,
};
type Result<T, E = Box<dyn std::error::Error>> = std::result::Result<T, E>; type Result<T, E = Box<dyn std::error::Error>> = std::result::Result<T, E>;
@ -21,23 +14,11 @@ async fn load_mnemonic() -> Result<Mnemonic> {
Ok(line.parse()?) Ok(line.parse()?)
} }
#[cfg(feature = "tracing")]
fn setup_registry() {
let envfilter = EnvFilter::builder()
.with_default_directive(LevelFilter::DEBUG.into())
.from_env_lossy();
registry()
.with(envfilter)
.with(layer().with_span_events(FmtSpan::CLOSE))
.with(tracing_error::ErrorLayer::default())
.init();
}
#[cfg_attr(feature = "multithread", tokio::main)] #[cfg_attr(feature = "multithread", tokio::main)]
#[cfg_attr(not(feature = "multithread"), tokio::main(flavor = "current_thread"))] #[cfg_attr(not(feature = "multithread"), tokio::main(flavor = "current_thread"))]
async fn main() -> Result<(), Box<dyn std::error::Error>> { async fn main() -> Result<(), Box<dyn std::error::Error>> {
#[cfg(feature = "tracing")] #[cfg(feature = "tracing")]
setup_registry(); keyforkd::setup_registry();
#[cfg(feature = "tracing")] #[cfg(feature = "tracing")]
debug!("reading mnemonic from standard input"); debug!("reading mnemonic from standard input");